According to separate security reports from Cisco and Sipera's Viper Lab research arm, the exploits are carried out using techniques that lend themselves to the interpretation that the attackers are tapping into broad resources that make their work more effective.

The criminals are using brute force attacks to crack passwords, indicating they may be bringing cheap, easily available cloud computing power to bear, says Adam Boone, Sipera's vice president of marketing and product management. The scale of attacks at any given moment indicates that botnets might be in play, but there is no hard evidence that either they or cloud resources are involved, he says.

The most common exploit against compromised PBXs is toll fraud - using someone else's phone system to make long-distance calls. The second is forcing the PBX to call premium numbers controlled by the attackers that charge by the minute. Businesses whose PBXs have been attacked are billed. "In both types of fraud, enterprises are frequently unable to dispute the charges because they are unable to provide evidence that the charges are in error," the Sipera Viper Labs report says.

Cisco also noted the prevalence of vishing - telephone-based phishing - where callers pretend to be from banks, the government or other institutions and seek to get victims to relinquish valuable personal data such as Social Security and credit card numbers.

Cisco's report, which is about IT security in general, says, "VoIP abuse has been on the upswing and appears poised for further growth." A graph categorizing different classes of attack puts VoIP among those with potential but near to the group Cisco calls "rising stars" that includes Web exploits, money laundering and data theft Trojans.

The increase in VoIP attacks was first noted just before Halloween last year when the peak percentage of attacks against VoIP routinely rose to a high of about 30 per cent. In previous research, Sipera found that attacks directed against VoIP topped out at about 10 per cent, Boone says. Since last fall the percentage of total attacks that are directed at VoIP has continued to peak at about 30 per cent.

He offers three possible reasons for the attention VoIP is drawing. First, by and large VoIP systems are unprotected from outside attacks, he says. Second, VoIP is becoming more popular and reaching a critical mass that draws attackers. "It's common, and it gets the attention of hackers," he says. And third, there's money in it to be had easily.

Sipera has set up honeypots that are exposed to the Internet that appear to be unprotected VoIP systems. Once attackers have successfully broken in, the honeypots monitor what they try to do. They also locate the source of the attacks by country. The top three attack-launching locations are China, Russia and the U.S., followed by South Korea, Vietnam, Turkey and India, Viper Labs says.

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited. Copyright 2013 IDG Communications.
ABN 14 001 592 650. All rights reserved.

Contact Us

With over 25 years of brand awareness and credibility, Good Gear Guide (formerly PC World Australia), consistently delivers editorial excellence through award-winning content and trusted product reviews.